[Thincrust-devel] selinux security context
Bryan Kearney
bkearney at redhat.com
Fri Nov 7 00:35:58 UTC 2008
David Lutterkort wrote:
> On Wed, 2008-10-29 at 22:23 +0100, Alan Pevec wrote:
>> Kay Williams wrote:
>>> Would it make sense for appliance-creator to automatically set the
>>> selinux context to created images?
>> I think it would make sense that virt-image sets the SELinux context
>> when installing the appliance image.
>
> virt-image doesn't really muck with the disk images, it just creates
> libvirt XML that points to those disk images; sure, we could stick a few
> chcon calls into virt-image to make that simpler, but I'd feel a little
> dirty doing that.
Wait.. virt-image consumes the xml and drives the virsh api.
>
> What we are missing right now is any tooling around appliance
> deployment, because we have no appliance packaging ;) Once we had that,
> the flow would be more like 'download appliance package', 'run deploy
> tool to extract everything into proper places', 'run virt-image on that
> to create VM'[1]
Why not make virt-image be that tool? It could deploy, or run in place
based on a command line arg?
-- bk
>
> David
>
> [1] Not that the user necessarily has to run these as separate commands,
> but that's the flow that should happen behind the scenes
>
> _______________________________________________
> Thincrust-devel mailing list
> Thincrust-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/thincrust-devel
More information about the Thincrust-devel
mailing list